The present invention relates to computer software, and more specifically, to computer software which provides a configuration-based client for OAuth authorization with arbitrary services and applications.
OAuth is an open standard for authorization. Services (also referred to as applications) may use OAuth as a mechanism to authorize third party applications to access resources in the service on behalf of clients (e.g., users) without sharing a user's login credentials. For example, a service which allows users to create digital photo albums may use OAuth to access a user's digital images stored by an image hosting service without requiring the user to provide their login credentials with the image hosting service.
Developing an application which needs access to resources provided by other services entails configuring the application to implement the steps of the OAuth protocol to obtain tokens that can be used to perform other operations on the services. However, each service may provide a specific implementation of the OAuth protocol, which may include different parameters, HTTP methods, and the like. When an application needs to support multiple different services, the application must include the service-specific code required to interface with each service's OAuth implementation. As such, applications can become bloated with service-specific code that is difficult to maintain. Furthermore, adding new services to the application means the application code has to be built and re-deployed, leading to application downtime.